the grugq's newsletter
Subscribe
RSS
Archives
December 25, 2024
December 25, 2024
December 25, 2024 As much as I love fail2ban, I love @drk1wi's portspoof even more :phttps://t.co/s0sQnW2tlY https://t.co/IP9Jc65CBs...
December 24, 2025
December 24, 2024
December 24, 2025 JUST IN: DPRK-related addresses have swapped nearly $200k via MetaMask, who has profited $1,985 in swap fees.Ya'll, DPRK doesn't trade....
December 23, 2024
December 23, 2024
December 23, 2024 Happy war on Christmas to all who celebrate. in case you didn't know, this is how you're actually supposed to do software versioning...
December 22, 2024
December 22, 2024
December 22, 2024 Just dropped my latest paper on kernel callbacks in Windows. It breaks down key internals and explores how red teamers can exploit them and...
December 21, 2024
December 21, 2024
December 21, 2024 Things are starting to add up — why did Lockbit ransomware group issue a threat to Christopher Wray, the current director of the United...
December 20, 2024
December 20, 2024
December 20, 2024 just accidentally closed a tab i've had been meaning to read for the past 2 years— yyy (@yx3io) December 18, 2024 Apple Platform Security...
December 19, 2024
December 19, 2024
December 19, 2024 Thank you for all the recommendations so far!Some of you asked for me to share the list of what I got, so here it...
December 18, 2024
December 18, 2024
December 18, 2024 TIL : There's a way to prevent the Win+R phishinghttps://t.co/PgmKfhLLS3 pic.twitter.com/aHrenapjPq— Florian Roth ⚡️ (@cyb3rops) December...
December 16-17
December 17, 2024
December 16-17 What Did Ada Lovelace's Program Actually Do? Great read What Did Ada Lovelace's Program Actually Do?In 1843, Ada Lovelace published the first...
December 15, 2024
December 15, 2024
December 15, 2024 Ukraine uncovers Russian spy network recruiting teens for espionagehttps://t.co/UbW4AHRjFz— Dr. Dan Lomas (@Sandbagger_01) December 14,...
December 14, 2024
December 14, 2024
December 14, 2024 FLARE is releasing a tool today that I've been working on over this year that helps break down binaries into smaller functional clusters...
December 13, 2024
December 13, 2024
December 13, 2024 Happy Friday the 13th to all who celebrate. For personal reasons km afraid the next few days will be a light newsletter. The Paranoids @...
December 12, 2024
December 12, 2024
December 12, 2024 I told one of the brothers our temporary code to the doors in the rectory will be "1234.""That will be easy to remember," he said. "Because...
December 11, 2024
December 11, 2024
December 11, 2024 Microsoft Rolls Out Default NTLM Relay Attack Mitigations https://t.co/uEPMLkRjHH— Nicolas Krassas (@Dinosn) December 10, 2024 DarkFlare -...
December 10, 2024
December 10, 2024
December 10, 2024 Craziest thing that happened in World War II in your area?— Hush-Kit Aviation News, History & Satire (@Hush_Kit) December 9, 2024 The IRA...
December 9, 2024
December 9, 2024
December 9, 2024 Hooka - shellcode loader with multiple capabilities. It is based on other tools like BokuLoader, Freeze or Shhhloader, and tries to...
December 8, 2024
December 8, 2024
December 8, 2024 The lack of end-to-end encryption through the telco infra is the vulnerability. We improved Internet infra security by largely de-...
December 7, 2024
December 7, 2024
December 7, 2024 A Russian state-sponsored hacker group, known as Gamaredon, has been targeting Ukrainian-speaking victims in an ongoing cyber-espionage...
December 6, 2024
December 6, 2024
December 6, 2024 Hot take: by being actively hostile to end to end encryption apps, FBI and DOJ has created the playing field on which Salt Typhoon now...
December 5, 2024
December 5, 2024
December 5, 2024 Me reverse engineering: Haha fuck yeah!!! Yes!! Me engineering: Well this fucking sucks. What the fuck.— Battle Programmer Yuu (@netspooky)...
December 4, 2024
December 4, 2024
December 4, 2024 @dagrano.bsky.social on BlueskyWe've just released our Q3 Adversarial Threat Report. Being part of the team creating the threat disruption...
December 3, 2024
December 3, 2024
December 3, 2024 It's Baaaaaack!!Our Credit Card Canarytokens are out of beta and on your Canarytoken servers..- Grab one;- Stash it somewhere "safe";- We...
December 2, 2024
December 2, 2024
December 2, 2024 The fascinating security model of dark web marketplaces The fascinating security model of dark web marketplaces After facial recognition...
December 1, 2024
December 1, 2024
December 1, 2024 The season of “next year cybersecurity predictions” is almost upon us. It's never too early to have "the talk" with your children....
November 29, 2024
November 29, 2024
November 29, 2024 In a somewhat recent project we used a vulnerable driver, which worked fine...Except: The customer had a custom rule that caused an alert...
November 28, 2024
November 28, 2024
November 28, 2024 Dopped a spicy 25-min read exploring adversarial ML 🤠 It's a mix of in-depth & light peppering of the broader field. So much I couldn’t fit...
November 27, 2024
November 27, 2024
November 27, 2024 If you like bounties, I highly recommend this presentation from @tincho_508 on novel web cache deception techniques. It comes with...
November 26, 2024
November 26, 2024
November 26, 2024 “With its aircraft carriers, nuclear submarines and missile systems, France's military is among Europe’s most modern. In terms of feathered...
November 25, 2024
November 25, 2024
November 25, 2024 A video that goes deep into the career of one of the Scattered Spider hackers. Tracing his journey through the Minecraft to Hacking...
November 24, 2024
November 24, 2024
November 24, 2024 #SpyNews - week 47 (November 17-23):A summary of 77 espionage-related stories from week 47 coming from...
November 23, 2024
November 23, 2024
November 23, 2024 If you’re looking to kill 3hrs with a podcast of my talking about hacker history, Phrack, and a bunch of random thoughts, I’ve heard this...
November 22, 2024
November 22, 2024
November 22, 2024 Spelunking in Comments and Documentation for Security Footguns - Include Security Research Blog Remember, remember the 22nd of...
November 21, 2024
November 21, 2024
November 21, 2024 https://www.theregister.com/2024/11/20/dlink_rip_replace_router/ On the heels of @Google’s ‘Big Sleep’ AI discovery of a real-world...
November 20, 2024
November 20, 2024
November 20, 2024 Love this series. The actual size of ancient battles is hard to comprehend without seeing a full simulation. It is kilometres from one end...
November 19, 2024
November 19, 2024
November 19, 2024 Saw some other folks realize its actually really easy to use certificates to authenticate as other users on windows if you have access to...
November 18, 2024
November 18, 2024
November 18, 2024 How does the new iOS inactivity reboot work? What does it protect from?I reverse engineered the kernel extension and the secure enclave...
November 16, 2024
November 16, 2024
November 16, 2024 @martu.bsky.social on BlueskyDeath threats, phishing emails, leaks and mobile malware—Iranian intelligence has heavily targeted Israeli...
November 15, 2024
November 15, 2024
November 15, 2024 France’s former intelligence chief accused of spying for Louis Vuitton billionairehttps://t.co/O65j7wuZ2A— Dr. Dan Lomas (@Sandbagger_01)...
November 14, 2024
November 14, 2024
November 14, 2024 I’ve always thought Seatbelt was a great situational awareness tool, I created a python implementation of it. Due to the nature of how I...
November 13, 2024
November 13, 2024
November 13, 2024 Uploaded my slides from POC2024. I'll soon be giving a slightly shorter version of the same talk on CODE BLUE 2024...
November 12, 2024
November 12, 2024
November 12, 2024 Looks like the talks from BlueHat 2024 are now onlinehttps://t.co/QFrktRrgJe— Alex Plaskett (@alexjplaskett) November 12, 2024 blue hat...
November 11, 2024, redux
November 11, 2024
November 10, 2024
November 10, 2024
November 10, 2024 Sorry about November 9th’s newsletter. I’ve raised the issue with Buttondown support and hopefully they’ll fix it. I got out of my Waymo to...
November 9, 2024 redux
November 10, 2024
November 9, 2024 iOS 18.1 added an implementation of the auto-reboot timer for locked devices we've been using in GrapheneOS since June...
November 9, 2024 redux
November 9, 2024
November 9, 2024 iOS 18.1 added an implementation of the auto-reboot timer for locked devices we've been using in GrapheneOS since June...
November 8, 2024
November 8, 2024
November 8, 2024 https://t.co/VB3CnETxc0 is free (not $5 or $10), clean, doesn't have ads, and works anywhere btw https://t.co/nuhRyoVcQ9...
November 7, 2024
November 7, 2024
November 7, 2024 As promised, I just dropped a dozen new sandbox escape vulnerabilities at #POC2024 If you missed the talk, here is the blog...
November 6, 2024
November 6, 2024
November 6, 2024 Resources on Satellite hacking CTFs Satellite Hacking Demystified: https://t.co/hGDo9jKO7W Hack-a-sat writeups: https://t.co/PIkGXuAKSN...
November 5, 2024
November 5, 2024
November 5, 2024 Don’t look too closely at the code here. You might not be able to recover https://t.co/47RIUcnETk— Theo - t3.gg (@theo) November 4, 2024 💡In...
November 4, 2024
November 4, 2024
November 4, 2024 Mind the v8 patch gap: Electron's Context Isolation is insecure Electron uses V8 isolates for context isolation, but the v8 patch gap allows...
Newer archives
Older archives